EMV chip technology is becoming the global standard for credit card and debit card payments that will help prevent fraud. It’s important to become familiar with this new technology to protect your business from potential counterfeit charges made by consumers.
To help you learn more, we have provided answers to some of the most common questions about EMV chip technology.
What is EMV?
EMV chip technology is becoming the global standard for credit card and debit card payments. Named after its original developers (Europay, MasterCard and Visa), this chip technology features payment instruments (cards, mobile phones, etc.) with embedded microprocessor chips that store and protect cardholder data. EMV chip technology may also be referred to as “Chip and PIN” or “Chip and Signature”. Chip cards may also be referred to as Smart cards. EMV is used for card-present transactions to prevent counterfeit card use.
What is chip card technology?
Chip card technology is an upgrade to the card networks’ payment systems that will help increase security and reduce fraud while enabling the use of future value-added applications such as contactless chip payments and mobile payments. Chip cards look like current credit or debit cards that are embedded with a micro-computer chip. Some EMV cards may require a cardholder’s PIN instead of a cardholder’s signature to complete the transaction process.
How does the EMV compliant chip card work on my terminal/POS (point of sale) device?
When an EMV compliant chip card is presented as form of payment for goods and services, it is typically inserted directly into a point of sale terminal which is EMV enabled and can read the data contained on the card’s computer chip. In some cases a card or payment device may be tapped or waved in front of a contactless reader to authorize the transaction. The EMV-enabled device will communicate with the chip inside the customer’s chip card or payment device to determine whether or not the card is authentic. The card will tell the terminal if it is chip + PIN or chip + signature and the terminal will prompt the customer accordingly. Generally, the terminal will prompt the customer to sign or enter a PIN to validate their identity. This process enhances the authentication of both the card and cardholder, effectively reducing the possibility that your business will accept a counterfeit card. Note that if a chip card is “swiped” on an EMV terminal, the terminal will prompt for the card to be inserted.
When will the EMV compliant terminals be available?
Terminals are now available for customers who would like to upgrade their existing terminals.
Is this chip technology unique to the United States?
No. The chip technology standard for payment was first used in France in 1992. Today, there are more than one billion chip cards used around the world. The U.S. is one of the few industrialized nations that have not yet adopted chip card technology.
Why should I invest in chip card acceptance?
Preventing the growth of fraudulent activity is one of the main reasons the payment card issuers and the card networks are moving toward EMV technology. Chip cards make it difficult for fraudsters to target cardholders and merchants. As a result, more and more chip cards are being introduced by U.S. financial institutions in order to support and initiate the switch over to this technology.
What do I do when a customer presents a chip card and my terminal only accepts magnetic stripe cards?
Chip cards will continue to be issued with a magnetic stripe during the U.S. migration to EMV. This will ensure customers have the ability to pay regardless of the means of acceptance at the terminal until the migration to EMV is complete. Some payment form factors (e.g. mobile phones) may require a contactless reader in order to process the transaction. Liability shift for counterfeit cards will be introduced in 2015 and could impact those merchants that are not compliant with EMV processing.
What is Liability Shift?
Currently, Point of Sale counterfeit fraud is largely absorbed by card issuers. With the liability shift scheduled to go in effect in 2015, counterfeit fraud may shift to those merchants who accept a contact chip card and have not at minimum, adopted an EMV compatible contact chip terminal. The liability shift is designed to encourage chip adoption since any chip-on-chip transaction (chip card read by a chip terminal) provides the dynamic authentication data necessary to help better protect all parties. The U.S. is the last country in the world to commit to a liability shift associated with chip card payments.
How does the liability shift in 2015 impact me as a merchant?
In order to reduce fraud, most of the payment networks are expected to enforce a liability shift beginning October 2015. This means, whichever party causes a contact chip transaction to not occur, will be financially liable for any resulting card-present counterfeit fraud losses. In that context, if a merchant does not have equipment to support chip card technology and this is found to be the cause of the fraud, that merchant and/or their transaction acquirer will be financially liable for the incurred loss rather than the involved card issuer. For some brands, the liability shift applies to lost or stolen card fraud losses as well.
Do I need to update my equipment?
The current terminals do not support EMV chip technology. We advise customers to upgrade their terminals to prevent potential charge backs prior to the liability shift. For questions, please contact our Merchant Services department at 1-800-722-2175.
Why are equipment upgrades necessary?
The merchant’s equipment needs to have EMV Level 1 and 2 Certification (Level 1 and 2 Certification is the responsibility of the equipment manufacturers). The chip entry/reader “device” can either be a terminal, PIN Pad, or contactless reader. The “device” must be Level 1 certified by EMVCo, the company which manages and maintains the EMV specifications for payment card acceptance. The Level 2 Certification is specific to the device’s EMV software Kernel that drives the interaction between the ICC on the chip card and the Kernel. The payment application must then go through Level 3 (MTIP and ADVT) Certification before it is able to be sold, distributed, and used in market (this is the requirement of the Acquirer, direct merchant, or VAR).
How does EMV impact PCI DSS (Payment Card Industry Data Security Standards) compliance?
Merchants are still required to achieve and maintain PCI DSS compliance and certification. EMV addresses card present counterfeit fraud. For further protection in the card not present environment, and potential PCI compliance relief, merchants must adopt point-to-point encryption and/or tokenization.
For further information or to find out how you can order EMV terminals, contact our Merchant Services department at 1-800-277-2175.